Paul Cleary

This should be done. A simple admin username / password can be used outside of normal auth. Low hanging fruit, won't take too long to do.

@JanuszU "super user" is mostly on par (or entirely on par) with "support user" at this point. @remerle we never did develop a user/role/privilege system (outside of zone level access...

@JanuszU thanks for the info, let me see if I understand right. You need a group of admins who are "approvers" who can review+approve certain DNS changes - In vinyldns,...

@JanuszU hmm, so do you mean something like "If anyone changes these records, let ME approve them"? Would the process follow: 1. A zone admin creates an ACL rule on...

@JanuszU thanks. Could you elaborate on how you see this working? Wondering if you could provide a little more context / even an example or a story that walks through...

@JanuszU thanks for the clarity. It circles back to the RBAC for approvers. I like that idea alot. It goes beyond ACL rules, where you can grant an ACL rule...

Thanks @JanuszU , in your common use case "A+PTR", would you require approval for just the "A", just the "PTR", or both? On our end, typically users do not care...

This issue is blocked pending actually doing the release. Keeping it in the Inbox for safe keeping. Thanks @britneywright !

We have keys except for sonatype / maven central. Once we can deploy there we can do that.

Remember to revisit this as we update our CI/Release process